diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2024-05-28 16:17:13 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2024-06-03 15:04:36 +0000 |
| commit | 701ad974ccc0ba0a61d2a2bd58db569f794bd037 (patch) | |
| tree | 2bf3b266b9f9a5d77ccee6059bd885eef625265d /pkg/fuzzer/fuzzer.go | |
| parent | 2addfcda6297288cd48c399dfbef1f5752162011 (diff) | |
pkg/fuzzer: refactor progTypes
The next commit will add another Candidate flag.
Candidate flags duplicate progTypes enum, so to avoid conversions
of one to another use progTypes in Candidate struct directly.
Rename progTypes to progFlags since multiple can be set,
so this is effectively flags rather than a single type.
Diffstat (limited to 'pkg/fuzzer/fuzzer.go')
| -rw-r--r-- | pkg/fuzzer/fuzzer.go | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/pkg/fuzzer/fuzzer.go b/pkg/fuzzer/fuzzer.go index 8be912139..b0ceaf9c0 100644 --- a/pkg/fuzzer/fuzzer.go +++ b/pkg/fuzzer/fuzzer.go @@ -100,26 +100,26 @@ func (fuzzer *Fuzzer) execute(executor queue.Executor, req *queue.Request) *queu return fuzzer.executeWithFlags(executor, req, 0) } -func (fuzzer *Fuzzer) executeWithFlags(executor queue.Executor, req *queue.Request, flags ProgTypes) *queue.Result { +func (fuzzer *Fuzzer) executeWithFlags(executor queue.Executor, req *queue.Request, flags ProgFlags) *queue.Result { executor.Submit(req) res := req.Wait(fuzzer.ctx) fuzzer.processResult(req, res, flags) return res } -func (fuzzer *Fuzzer) prepare(req *queue.Request, flags ProgTypes) { +func (fuzzer *Fuzzer) prepare(req *queue.Request, flags ProgFlags) { req.OnDone(func(req *queue.Request, res *queue.Result) bool { fuzzer.processResult(req, res, flags) return true }) } -func (fuzzer *Fuzzer) enqueue(executor queue.Executor, req *queue.Request, flags ProgTypes) { +func (fuzzer *Fuzzer) enqueue(executor queue.Executor, req *queue.Request, flags ProgFlags) { fuzzer.prepare(req, flags) executor.Submit(req) } -func (fuzzer *Fuzzer) processResult(req *queue.Request, res *queue.Result, flags ProgTypes) { +func (fuzzer *Fuzzer) processResult(req *queue.Request, res *queue.Result, flags ProgFlags) { inTriage := flags&progInTriage > 0 // Triage individual calls. // We do it before unblocking the waiting threads because @@ -154,7 +154,7 @@ type Config struct { NewInputFilter func(call string) bool } -func (fuzzer *Fuzzer) triageProgCall(p *prog.Prog, info *flatrpc.CallInfo, call int, flags ProgTypes) { +func (fuzzer *Fuzzer) triageProgCall(p *prog.Prog, info *flatrpc.CallInfo, call int, flags ProgFlags) { if info == nil { return } @@ -243,17 +243,31 @@ func (fuzzer *Fuzzer) Logf(level int, msg string, args ...interface{}) { fuzzer.Config.Logf(level, msg, args...) } +type ProgFlags int + +const ( + ProgMinimized ProgFlags = 1 << iota + ProgSmashed + + progCandidate + progInTriage +) + type Candidate struct { - Prog *prog.Prog - Smashed bool - Minimized bool + Prog *prog.Prog + Flags ProgFlags } func (fuzzer *Fuzzer) AddCandidates(candidates []Candidate) { fuzzer.statCandidates.Add(len(candidates)) for _, candidate := range candidates { - req, flags := candidateRequest(fuzzer, candidate) - fuzzer.enqueue(fuzzer.candidateQueue, req, flags) + req := &queue.Request{ + Prog: candidate.Prog, + ExecOpts: setFlags(flatrpc.ExecFlagCollectSignal), + Stat: fuzzer.statExecCandidate, + Important: true, + } + fuzzer.enqueue(fuzzer.candidateQueue, req, candidate.Flags|progCandidate) } } |